On Sun, Oct 16, 2016 at 11:37 AM, Ishara Karunarathna <isha...@wso2.com>
wrote:

> Hi All,
>
> With the current IS implementation We have individual SP configurations
> and we associate authentication chains, claim, provisioning configurations
> etc.. to that service provider configuration.
> As a improvement to this we can group these configurations lets say a
> security circle.
>

+1


>
> For a security circle [SC].
> We can configure set of service providers within a SC.
> Associate Userstores to that SC
> Define Authentication chain, Provision config etc..
> Configre Administration policies Ex: only users in wso2admin can manage
> the wso2 security circle.
>

Are we using XACML?  May be Administration/Delegation profile...


> Group authorization policies belong to this circle.
> Once we configure those it will be applicable to all service providers and
> can override with SP level configurations.
>
We can have different login sessions to each circle.
>

So;  end user will have different session for each SC in same browser ?

Is SC  an internal detail or expose to end users (I meant whether it is
like tenant domain)?

Does request contain some detail/param on SC?

Thanks,
Asela.


>
> How can we use this.
> Achieve Enterprise SaaS application use case discussed in [1]
> No need to configure same configurations in each SP level can inherit from
> SC configurations.
> Since we are going with container base Multi tenancy in C5, If a user does
> not like, that can be handle with this security circle.
>

> Thanks,
> Ishara
> [1] "[C5 IS] Multi-tenancy in C5 based IS"
>
> --
> Ishara Karunarathna
> Associate Technical Lead
> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>
> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
> +94717996791
>
>
>
> _______________________________________________
> Architecture mailing list
> Architecture@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>


-- 
Thanks & Regards,
Asela

ATL
Mobile : +94 777 625 933
             +358 449 228 979

http://soasecurity.org/
http://xacmlinfo.org/
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

Reply via email to